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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 
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1)H Responsive to communication(s) filed on 08 January 2007 . 
2a')D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4) [3 Claim(s) 1-20 is/are pending in the application. 
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5) D Claim(s) is/are allowed. 

6) H Claim(s) 1-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 08 January 2007 is/are: a)S accepted or b)D objected to by the Examiner. 
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* See the attached detailed Office action for a list of the certified copies not received. 
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1 DETAILED ACTION 

2 

3 This action is in response to the communication filed on 1/8/07. 

4 All objections and rejections not set forth below have been withdrawn. 

5 Claims 1 - 20 are pending. 
6 

7 Continued Examination Under 37 CFR 1.114 

8 

9 A request for continued examination under 37 CFR 1.114, including the fee set 

10 forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 

1 1 application is eligible for continued examination under 37 CFR 1.114, and the fee set 

12 forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 

13 has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 1/8/07 

14 has been entered. 
15 



1 6 Claim Rejections - 35 USC § 102 

17 

18 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 

1 9 form the basis for the rejections under this section made in this Office action: 

20 A person shall be entitled to a patent unless - 

21 (b) the invention was patented or described in a printed publication in this or a foreign country or in public 

22 use or on sale in this country, more than one year prior to the date of application for patent in the United 

23 States. 



24 
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1 Claims 1 - 20 are rejected under 35 U.S.C. 102(b) as being anticipated by Boden 

2 et al. (Boden), "System and Method for Managing Security Objects", U.S. Patent 6,330, 

3 562. 
4 

5 Regarding claim 1 , Boden discloses: 

6 providing a plurality of security policies (7:51 -58), wherein each security policy 



7 includes an application instance identifier associated with a security service, at least two 

8 application instance identifiers being associated with different security services that 

9 operate according to different protocols (3:61-64; 4: 1 7-23; 7:29-29; 1 2:60-1 3:5). Boden 

10 discloses that each application (i.e. an IKE application and an VPN manager 

1 1 application) may identify, within a policy, to the system to employ IPSec as a way of 

12 providing security services. Each of the plurality of established policies may have 

1 3 associated with them differing security services (6:52-67). 

1 4 and creating at least one security association, wherein the at least one security 

1 5 association is created based upon the at least one security service (2:3-8) associated 

1 6 with at least one application instance identifier to thereby create a centralized key store 

1 7 including the plurality of security policies and the at least one security association (figs. 

18 3-3d; 3:23-36). 
19 

20 Regarding claims 6 and 1 1 they are rejected, at least, for the same reasons as 

21 claim 1 , and because Boden further discloses: 
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1 a first security gateway configured for providing a plurality of security policies (fig. 

2 1:18,19)... wherein the first security gateway is configured for applying a security 

3 service associated with an identified (7:29-29; 1 2:60-1 3:5) application instance identifier 
4. to at least one packet of data to thereby transform the at least one packet of data, 

5 wherein the first security gateway is configured for applying the security service to the at 

6 least one packet based upon at least one security policy and at least one security 

7 association (fig. 1 ; 3:60-4:4; 6:1 3-31 ; 1 1 :table 1 ); and a second security gateway 

8 configured for applying the security service associated with the identified application 

9 instance identifier to the at least one transformed packet of data to thereby generate a 
1 0 representation of the at least one packet of data (fig. 1 ; 3:60-4:4; 6:1 3-31 ; 1 1 :table 1 ); 
11 

12 

13 Regarding claims 2, 3, 9, 12, and 14, Boden further discloses a system 

14 comprising sending and receiving gateways. Each gateway further comprises a 

1 5 VPN/user application capable of creating and accessing policies within a policy 

16 definition database (3:60-4:16). Both the sending and receiving gateways receive and 

1 7 transmit packets of which are transformed upon transmission or reception according to 

18 (application identified) security services between nodes (3:1-20; 3:60-4:16; fig. 1 ). 
19 

20 Regarding claims 4, 8, and 13, Boden further discloses: 

21 at least one security policy further including at least one selector field having at 

22 least one selector value in a format common to a plurality of security service protocols, 
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1 and wherein applying the security service comprises applying the security service 

2 further based upon the at least one security policy including the at least one selector 

3 value (11:table 1; figs. 3-3d; 13:13-50; 13:62-14:25). Boden discloses a security policy 

4 having common selector fields in addition to the application defined identifiers, wherein 

5 security services are based upon the selector fields. 
6 



7 Regarding claims 7, it is rejected, at least, for the same reasons as claims 1 and 

8 6. 
9 

1 0 Regarding claims 5, 1 0, and 1 5, Boden further discloses creating at least one 

1 1 security association according to an Internet Key Exchange (IKE) technique (3:60-4:1 6). 

1 2 Regarding claims 1 6 - 20, they are the features and limitations of the above 

13 rejected claims embodies as computer instructions upon a medium. Thus, they are 

14 rejected, at least, for the same reasons as the above rejected claims, and further 

1 5 because Boden discloses a computer program product for creating and maintaining a 

1 6 centralized key store ( 1 5:62-1 6:6). 



17 

1 8 Response to Arguments 

19 

20 Applicant's arguments filed 1/8/07 have been fully considered but they are not 

21 persuasive. 
22 
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1 Applicant argues primarily that: 

2 

3 (i) In no event, however, does Boden disclose applying a security service other than 

4 IPSec such that the security policies include application instance identifiers associated 

5 with security services. (Remarks, pg. 11) 
6 

7 In response to applicant's argument that the references fail to show certain 

8 features of applicant's invention, it is noted that the features upon which applicant relies 

9 (i.e., applying a security service other than IPSec such that the security policies include 

1 0 application instance identifiers associated with security services) are not recited in the 

1 1 rejected claim(s). Although the claims are interpreted in light of the specification, 

12 limitations from the specification are not read into the claims. See In re Van Geuns, 988 

13 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 
14 

1 5 (ii) In accordance with the present invention, on the other hand, IPSec is but one of 

16 a number of different security services that may be implemented using the claimed 

1 7 centralized key store (Remarks, pg. 1 1 ). 
18 

19 In response, the examiner respectfully notes that the applicant's arguments 

20 appear to be base upon a misinterpretation of IPSEC. Applicant is respectfully invited 

21 to review evidentiary teachings concerning IPSEC (Kent et al., RFC 2401 , "Security 

22 Architecture for the Internet Protocol", 1998, pgs. 1-66). Boden teaches inter alia the 
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1 use of IPSEC. As is known to those of ordinary skill in the art, IPSEC is a security 

2 architecture. This framework enables to provision of a plurality of security services that 

3 operate according to a plurality of protocols. 
4 

5 

6 Conclusion 

7 

8 The prior art made of record and not relied upon is considered pertinent to 

9 applicant's disclosure: 

10 see Notice of References Cited 

11 

12 A shortened statutory period for reply is set to expire 3 months (not less than 90 

1 3 days) from the mailing date of this communication. 

14 Any inquiry concerning this communication or earlier communications from the 

1 5 examiner should be directed to Jeffery Williams whose telephone number is (571 ) 272- 

16 7965. The examiner can normally be reached on 8:30-5:00. 

1 7 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

18 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

1 9 number for the organization where this application or proceeding is assigned is (703) 

20 872-9306. 
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Information regarding the status of an application may be obtained from the 



2 Patent Application Information Retrieval (PAIR) system. Status information for 

3 published applications may be obtained from either Private PAIR or Public PAIR. 

4 Status information for unpublished applications is available through Private PAIR only. 

5 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

6 you have questions on access to the Private PAIR system, contact the Electronic 

7 Business Center (EBC) at 866-21 7-91 97 (toll-free). 
8 



9 

10 
11 
12 
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